On Mon, Mar 17, 2008 at 5:49 PM, Johann B. Gudmundsson <johannbg@xxxxx> wrote: > See bugs > https://bugzilla.redhat.com/show_bug.cgi?id=437811 > https://bugzilla.redhat.com/show_bug.cgi?id=136289 > https://bugzilla.redhat.com/show_bug.cgi?id=147557 > > In my books this fails QA bigtime and poses a MAJOR security risk for > the end user(s). Your book is not everyone's, nor probably even the majority of people's. I for one use sshd on *every* machine that I own (yes, I even login to my desktop remotely - that's how I IRC). > Either a respins with this *feature* needs to be done or a > reintroduction of Desktop/Server install > with the server install enabling this feature.. Nah, it's a sane default. If you wanna go down this road, choose something that has *actual* security implications (beyond someone possibly brute-forcing a poorly chosen password - users can shoot themselves in the foot via many means. Anaconda even warns of a poorly chosen rootpw now). > It's good that some one in QA board can contact Fedora Security team and > get their input on this issue. QA Board??? I didn't know such a thing existed. I nominate myself :) Seriously, Jeremy would be about the closest thing that you come to that (Will and Jesse as well). > Are we targeting Desktop/Home user or not? Along with many other segments. > If so then we have to make it hard for them to accidentally shoot them > self in foot security wize... Users can shoot themselves in the foot via lots of methods. I don't see this one being particularly egregious. > I mean a noob user accidentally turned of his firewall during install > with the current default installation options leaves > him open to how many security risks? ( none is the right answer )... Well, that's no longer a default installation then, is it? Should we disable CUPS too? (that at least has a recent history of issues). > I'm gonna reopen this mark Anaconda as FAILED_QA then after this has > had a proper discussion > with input from Fedora-Security-Team a QA board member can CLOSE this or > it will be FIXED. It is already CLOSED NOTABUG, and should remain that way. -- fedora-test-list mailing list fedora-test-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-test-list
